An interoperability standard for certified mail systems

https://doi.org/10.1016/j.csi.2012.03.002

Abstract

A large number of certified mail systems have been put into operation on the market over the last years. In contrast to standard mailing systems like e-Mail, certified mail systems provide the secure, reliable and evidential exchange of messages with the quality of traditional postal registered or certified mail. Most of these systems are tailored to national laws, policies, needs and technical requirements and are thus closed and only accessible by certain user groups. However, the ongoing globalization and opening of the markets, especially in the European Union, ask for global certified mailing as already known from e-Mail. Interoperability of certified mail systems is a new and challenging research field. This article presents a framework and standard to make arbitrary certified mail systems interoperable. The presented approach uses a federated trust network of so-called electronic delivery gateways for seamless certified mailing across systems. This is achieved by converting protocols and system specifics on different layers using a harmonized interoperability protocol. The presented framework has been standardized by the European Telecommunications Standards Institute (ETSI) as Registered Electronic Mail specification for interoperable certified mail systems.

Highlights

► Interoperability through federated network of electronic delivery gateways.
► Electronic delivery gateway converts certified mail protocol to generic Interconnect Protocol.
► Interconnect protocol wraps certified mail protocol into a generic protocol.

Introduction

People are accustomed to sending valuable documents in a secure and reliable way. This includes documents like deeds, contracts, bids, subpoenas, summons, etc. Regular mail has no security provisions and senders rely on the assumption of a correct and successful delivery. This is where Registered Mail and Certified Mail come into play. Registered mail is a useful vehicle in the postal world for secure mail delivery by providing extended tracking possibilities. The certified mail service provides the sender additional proofs of submission and receipt.

Nowadays, more and more people are using electronic communication means. However, standard communication systems like Internet electronic mail (e-Mail) have a poor evidential quality. They can rather be compared to sending a postcard, which lacks confidentiality, authenticity, integrity and non-repudiation. Extensions like S/MIME (Secure Multipurpose Mail Extensions) or PGP (Pretty Good Privacy) enhance the e-Mail protocol with additional cryptographic functionalities like confidentiality, integrity and authenticity. Nevertheless, the shortcoming of a non-repudiable fair exchange still remains. The Internet community tried to address this issue by introducing the four receipting mechanisms of Message Disposition Notifications (MDN) specified by RFC 3798 [17], Delivery Status Notifications (DSN) specified by RFC 3461 [25], SMTP service extensions for message tracking specified by RFC 3885 [1] and signed S/MIME receipts specified by RFC 2634 [18]. Due to the open nature of Internet e-Mail, all these extensions rely on the assumption of a fairly acting recipient. This means the recipient actually returns a receipt after having received the message.

Due to this gap, the research community has provided many protocols for secure messaging over the last two decades. They have been published as fair non-repudiation protocols. The aim was to design security extensions for asynchronous communications providing similar added value as registered or certified mail do in the postal world. The terms certified mail systems (CMS) or certified electronic mailing (CEM) are used when applying such protocols in the context of electronic mailing systems, for example Internet e-Mail. CEM is a quite young research discipline starting in the early 1990s.

Due to an increasing demand by governments, postal operators and the industry, various CMS have been put into operation over the last five years. Popular examples of governmental systems are the Italian Posta Elettronica Certificata (PEC) [16], the Austrian Document Delivery System (DDS) for the public sector [34] and the German De-Mail system [7]. Particularly the justice sector relies on the secure and evidential document delivery and started to introduce such systems several years ago with the Austrian ERV (Elektronischer Rechtsverkehr) [31] or the German EGVP (Elektronisches Gerichts- und Verwaltungspostfach) [32], which is based on the Online Services Computer Interface (OSCI) standard [2]. In the private sector mainly postal operators, which are continuously shifting their postal services into the electronic world, have identified a gap in the market and provide certified electronic mailing as value-added service. The Belgian CertiPost, the German E-Postbrief, the Swiss IncaMail or the Slovenian Secure Mailbox are popular representatives of European postal operator CMS. CMS are also largely deployed within enterprises, mainly for certified communications with external entities. These systems are mostly based on commercial off-the-shelf products.

All mentioned CMS are closed systems and thus only accessible by certain user groups. In order to address a particular recipient, senders have to be registered in the same system. It is currently not possible to send certified mailings from one system to another. Especially businesses that operate in multiple countries and take part in competitive tendering procedures or communicate with foreign public agencies are forced to register accounts with multiple CMS. As they are accustomed to with e-Mail, users may want to have one mailbox and not face additional costs or have to become familiar with new systems serving the same purpose. As is normal for e-Mail communications, there is a strong need for global certified electronic mailing. This issue has become more important with the expansion of the European Economic Area (EEA) and the creation of a European Digital Single Market aiming at increasing the growth potential within the European Union (EU) by removing legal and administrative barriers for businesses when they want to provide services abroad. A major objective in this context is to establish interoperability across different EU Member States, so that citizens and businesses can use domestic infrastructures abroad. This also includes CMS infrastructures.

CMS interoperability is a new and challenging research field. Even if some initiatives like the European Telecommunications Standards Institute (ETSI) or the Universal Postal Union (UPU) have recently started to standardize CEM communications, both research and practice lack solutions for making existing systems interoperable. This article presents and discusses a new approach, which fills this gap by providing an interoperability framework and standard able to couple arbitrary CMS. The remainder of this article is organized as follows. First, the topic of CEM is introduced by discussing basic concepts and security properties. Next, an overview of recent initiatives trying to achieve CMS interoperability is given. It is argued why these initiatives cannot be used to achieve interoperability between existing CMS. Following this, the main problem of CMS interoperability is sketched and requirements and challenges of an interoperability standard are discussed. After that, the core architecture of the interoperability concept is discussed. The main idea behind the concept is a gateway solution making CMS interoperable with a multilateral approach on different layers. This includes technical, semantic, and procedural interoperability. From a technical point of view, gateways act as entry or exit point of a CMS and interface with other CMS operating on a different CEM protocol. The idea is that each CMS has at least one gateway and gateways communicate with each other using the harmonized Interconnect Protocol (ICP), which represents a metadata layer able to map CMS aspects to a unified metadata protocol on a technical and semantic layer. This article also discusses the standardization of the ICP by ETSI as a new Registered Electronic Mail (REM) standard for bridging CMS based on different protocols. Finally, security and legal aspects are discussed and conclusions are drawn.

Section snippets

Certified electronic mail

An interoperability framework or standard usually requires a deep understanding of underlying technologies and architectural models. This also applies to the subject of CEM, which has much more aspects beyond the communicational part. Basically, a CMS operates on an underlying communication system like Internet e-Mail or Web services technologies and extends this system with several architectural concepts and security properties. To get a deeper understanding of the topic of CEM, this section

Related work

Due to the heterogeneity and the continuous growth of the worldwide CMS ecosystem, two major organizations have started to work against the development of new proprietary solutions. Both ETSI, as European standardization organization, and the UPU, as international organization that coordinates postal policies, have published standards for certified electronic mailing. They are discussed in the following sections and it is argued why they cannot be used to achieve interoperability of existing

Requirements and challenges

In the domestic (closed) CMS scenario all entities deal with the same regulations, policies, business processes, semantics and technologies. This means that entities communicate over well-known interfaces, they know the meaning of each CMS object like exchanged messages and evidences or other infrastructural parts and they know potential process flows within the system. Moreover, entities communicate in a trusted environment. Even if sender and recipient do not know each other, they are faced

Interoperability concept

The first part of this chapter discusses the conceptual model of the CMS interoperability standard. The model adopts several key elements of the European Interoperability Framework (EIF) [12] to serve the needs for CMS interoperability. The second part of this chapter discusses how the single conceptual elements have been realized by using open standards and by reusing existing components and concepts to meet all stated requirements.

Process model

This chapter defines the single process steps of the CMS interoperability concept in more detail. It puts together the single pieces and discusses the cross-border delivery process by means of two CMS A and CMS B where CMS A is the sender's CMS and CMS B the recipient's CMS. Each of the two CMS is associated with a gateway, labeled EDG A and EDG B, respectively.

A message delivery process (for both dispatch and evidence messages) from the sender to the recipient across CMS boundaries can be

Standardization

In January 2010 ETSI initiated the Specialist Task Force (STF) 402, a group of experts, with the aim of updating the current REM specifications for the seamless exchange of messages between different CMS. The initial goal was to couple SMTP-based REM systems with CMS solutions based on other protocols, primarily Web services based on SOAP.

Because of the similar goals, ETSI STF 402 has tightly collaborated with the authors

Discussion

Chapter 4 identified and analyzed the requirements that a CMS interoperability framework should fulfill. The requirements have been discussed on an abstract level and were mainly related to design principles rather than deciding on concrete technical details. The requirements of scalability, autonomy and transparency have been entirely fulfilled. The next section briefly discusses the fulfillment of the requirements in terms of security and privacy. The concept presented in this

Conclusions

Due to the ongoing globalization and the opening of the markets, there is an increasing demand for pan-European and global certified mailing. This article presented an interoperability framework and standard for seamless communications between (closed) CMS. Throughout the article the concept of CMS interoperability has been discussed, which uses so-called electronic delivery gateways to achieve interoperability between different CMS on all levels: technical, semantic and procedural. To achieve

Acknowledgments

This research work has been partially funded by the European large scale pilot project SPOCS (Simple Procedures Online for Cross-border Services) in the ICT Policy Support Programme under the Competitiveness and Innovation Framework Programme (CIP).

References (42)

  • A. Tauber. A survey of certified mail systems provided on the Internet. Computers & Security (2011)
  • E. Allman et al. IETF RFC 3885 – SMTP Service Extension for Message Tracking (2004)
  • J. Apitzsch. Mechanismen zur Nachweisbarkeit der Kommunikation bei OSCI Transport. Datenschutz und Datensicherheit – DuD (2007)
  • J. Apitzsch et al. Assessment of existing eDelivery systems and specifications required for interoperability (2010)
  • Capgemini. Architecture for delivering pan-European e-Government services (PEGS Infrastructure) version 1.0 (2004)
  • Council of Europe. European convention on the service abroad of documents relating to administrative matters. European Treaty Series – No. 94 (1977)
  • Council of the European Union. REGULATION (EC) No 1393/2007 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 13 November 2007 on the service in the Member States of judicial and extrajudicial documents in civil or commercial matters (service of documents), and repealing Council Regulation (EC) No 1348/2000 (2000)
  • J. Dietrich et al. De-Mail — verschlüsselt, authentisch, nachweisbar. Datenschutz und Datensicherheit – DuD (2010)
  • ETSI. ETSI TS 102 605: Electronic Signatures and Infrastructures (ESI) – Registered E-Mail (2007)
  • ETSI. ETSI TS 102 231: Electronic Signatures and Infrastructures (ESI) – Provision of harmonized Trust-service status information (2009)
  • ETSI (European Telecommunications Standards Institute). ETSI TS 102 640–1: Electronic Signatures and Infrastructures (ESI) – Registered Electronic Mail (REM) (2010)
  • European Commission. Commission decision of 16 October 2009 setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market, 2009/767/EC (2009)
  • European Commission. European Interoperability Framework for European Public Services (EIF) version 2.0 (2010)
  • European Union. Directive 1999/93/EC of the European Parliament and of the Council on a Community framework for electronic signatures. Official Journal of the European Communities (1999)
  • European Union. Directive 2008/6/EC of the European Parliament and of the Council of February 2008 amending Directive 97/67/EC with regard to the full accomplishment of the internal market of Community postal services (2008)
  • F. Ferrer-Gomilla et al. Certified electronic mail: properties revisited. Computers & Security (2010)
  • F. Gennai et al.
  • T. Hansen et al. IETF RFC 3798 – Message Disposition Notification (2004)
  • P. Hoffman. Enhanced Security Services for S/MIME, Internet Engineering Task Force (IETF), RFC 2634 (1999)
  • B. Hulsebosch et al. STORK D3.2 – Quality authenticator scheme (2009)
  • ISO/IEC 27001. Information technology: security techniques – information security management systems – requirements (2005)